#!/bin/sh -e
#
# rc.local
/etc/init.d/squid start
/usr/sbin/bridge.sh
# By default this script does nothing.
modprobe xt_TPROXY
modprobe xt_socket
#modprobe nf_tproxy_core
modprobe xt_mark
modprobe nf_nat
modprobe nf_conntrack_ipv4
modprobe nf_conntrack
modprobe nf_defrag_ipv4
modprobe ipt_REDIRECT
modprobe iptable_nat
iptables -t nat -F
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A INPUT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING ! -d 192.168.2.254 -p tcp -m tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128
iptables -t mangle -A PREROUTING ! -d 192.168.2.254 -p tcp -m tcp --dport 443 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129

# ROUTING
##################################################
/sbin/ip rule add fwmark 1 lookup 100
/sbin/ip route add local 0.0.0.0/0 dev lo table 100

exit 0
